Hi,
Let's say I have 2000 virtual servers, one for each customer.
I want to give access to Splunk to each customer and limit him only to his virtual server data.
Do I spread data across 2000 indexes - one per customer/server and create 2000 roles and limit each role/customer to his index ?
Or
Do I create 2000 roles and limit each to a single host in the search ?
Or
Any other simpler way ? 😄
Urtho,
urtho,
This is an interesting topic, and the following Splunk Blog maybe able to assist you on you choices...
http://blogs.splunk.com/2011/11/04/splunk-and-multitenancy/
Hope this helps answer your question.
If it does answer your question, please mark the answer as accepted to assist the community.
Regards,
MHibbin
urtho,
This is an interesting topic, and the following Splunk Blog maybe able to assist you on you choices...
http://blogs.splunk.com/2011/11/04/splunk-and-multitenancy/
Hope this helps answer your question.
If it does answer your question, please mark the answer as accepted to assist the community.
Regards,
MHibbin